Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T15EF1DC38A02E9DBF246291F5A1332F2E31E5A309E90A0A28D3FC538C57D7D95DE32570 |
|
CONTENT
ssdeep
|
192:uuPah6VxoexDCDvbozO5P0iKCRkNXM5ZSM5Z6:ZPahl5DTqwMiKokNyV6 |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
cde89de3232326a6 |
|
VISUAL
aHash
|
993818183c383c18 |
|
VISUAL
dHash
|
71b2b03060707070 |
|
VISUAL
wHash
|
b9f898183c3c3e1e |
|
VISUAL
colorHash
|
38e00008000 |
|
VISUAL
cropResistant
|
71b2b03060707070 |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Malicious code is obfuscated using 1 techniques to evade detection by security scanners and make reverse engineering more difficult.